STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COPE Use Case KPE(AE) Deployment Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Samsung Android must be configured to not allow passwords that include more than two repeating or sequential characters.

DISA Rule

SV-103861r1_rule

Vulnerability Number

V-93775

Group Title

PP-MDF-301020

Rule Version

KNOX-09-000390

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure Samsung Android to prevent passwords from containing more than two repeating or sequential characters.

On the MDM console, for the device, in the "Knox password constraints" group:
1. Set "maximum sequential characters" to "2".
2. Set "maximum sequential numbers" to "2".

Check Contents

Review device configuration settings to confirm that passwords with two repeating or sequential characters are prevented.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, do the following:
1. For the device, in the "Knox password constraint" group, verify that "maximum sequential characters" is "2" or less.
2. For the device, in the "Knox password constraint" group, verify that "maximum sequential numbers" is "2" or less.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Lock screen".
3. Tap "Screen lock type".
4. Enter current password.
5. Tap "Password".
6. Verify that passwords with two or more sequential characters or numbers are not accepted.

If on the MDM console "maximum sequential characters" or "maximum sequential numbers" is more than "2", or on the Samsung Android device a password with two or more sequential characters or numbers is accepted, this is a finding.

Vulnerability Number

V-93775

Documentable

False

Rule Version

KNOX-09-000390

Severity Override Guidance

Review device configuration settings to confirm that passwords with two repeating or sequential characters are prevented.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, do the following:
1. For the device, in the "Knox password constraint" group, verify that "maximum sequential characters" is "2" or less.
2. For the device, in the "Knox password constraint" group, verify that "maximum sequential numbers" is "2" or less.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Lock screen".
3. Tap "Screen lock type".
4. Enter current password.
5. Tap "Password".
6. Verify that passwords with two or more sequential characters or numbers are not accepted.

If on the MDM console "maximum sequential characters" or "maximum sequential numbers" is more than "2", or on the Samsung Android device a password with two or more sequential characters or numbers is accepted, this is a finding.

Check Content Reference

M

Target Key

3507

Comments